From cb98894eb1d9dfa8a2b040224a0a5605db38a2cf Mon Sep 17 00:00:00 2001
From: Vadim Yanitskiy <vyanitskiy@sysmocom.de>
Date: Sun, 8 Nov 2020 13:27:35 +0700
Subject: TLLI 0x00000000 is a valid TLLI, use 0xffffffff instead

The assumption that TLLI 0x00000000 is invalid and can be used
as the initializer is wrong.  Similar to TMSI, 0x00000000 is a
perfectly valid value, while 0xffffffff is reserved - use it.

According to 3GPP TS 23.003, section 2.4, a TMSI/P-TMSI with
all 32 bits equal to 1 is special and shall not be allocated by
the network.  The reason is that it must be stored on the SIM,
where 'ff'O represents the erased state.  According to section
2.6 of the same document, a local/foreign TLLI is derived from
P-TMSI, so the same rule applies to TLLI.

I manually checked and corrected all occurances of 'tlli' in the
code.  The test expectations have been adjusted with this command:

  $ find tests/ -name "*.err" | xargs sed -i "s/0x00000000/0xffffffff/g"

so there should be no behavior change.  The only exception is
the 'TypesTest', where TLLI 0xffffffff is being encoded and
expected in the hexdump, so I regenerated the test output.

Change-Id: Ie89fab75ecc1d8b5e238d3ff214ea7ac830b68b5
Related: OS#4844
---
 src/tbf_ul.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'src/tbf_ul.cpp')

diff --git a/src/tbf_ul.cpp b/src/tbf_ul.cpp
index 57da02a6..80a8eaa4 100644
--- a/src/tbf_ul.cpp
+++ b/src/tbf_ul.cpp
@@ -359,7 +359,7 @@ int gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(
 	if (ms())
 		ms()->update_l1_meas(meas);
 
-	uint32_t new_tlli = 0;
+	uint32_t new_tlli = GSM_RESERVED_TMSI;
 	unsigned int block_idx;
 
 	/* restart T3169 */
@@ -448,9 +448,10 @@ int gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(
 				continue;
 			}
 			if (!this->is_tlli_valid()) {
-				if (!new_tlli) {
+				if (new_tlli == GSM_RESERVED_TMSI) {
 					LOGPTBFUL(this, LOGL_NOTICE,
-						  "TLLI = 0 within UL DATA.\n");
+						  "TLLI is 0x%08x within UL DATA?!?\n",
+						  new_tlli);
 					m_window.invalidate_bsn(rdbi->bsn);
 					continue;
 				}
@@ -458,7 +459,7 @@ int gprs_rlcmac_ul_tbf::rcv_data_block_acknowledged(
 					  "Decoded premier TLLI=0x%08x of UL DATA TFI=%d.\n",
 					  new_tlli, rlc->tfi);
 				update_ms(new_tlli, GPRS_RLCMAC_UL_TBF);
-			} else if (new_tlli && new_tlli != tlli()) {
+			} else if (new_tlli != GSM_RESERVED_TMSI && new_tlli != tlli()) {
 				LOGPTBFUL(this, LOGL_NOTICE,
 					  "Decoded TLLI=%08x mismatch on UL DATA TFI=%d. (Ignoring due to contention resolution)\n",
 					  new_tlli, rlc->tfi);
-- 
cgit v1.2.3